A TREND MICRO BLOG

It appears that there is a rash of Twitter account hijacking going on this evening. Hundreds of Twitter accounts are being compromised and tweets are being posted encouraging users to make the acquaintance of a 23-year-old female with a webcam…

 

So far over 700 Twitter accounts have been compromised in the two hours since 7pm GMT.

 Rogue Tweet

The message reads “hey! 23/Female. Come chat with me on my webcam thingy here www.{BLOCKED}.com.”

 

 

Search results from www.twitscoop.com

 

 

Obviously we recommend against clicking on this link; it leads to a porn webcam portal which looks to have been designed with credit card harvesting in mind. Affected users should change their password to a secure one as soon as possible (see today’s earlier blog entry for advice).


 

 

The porn webcam portal contains obfuscated JavaScript that loads porn-related advertisements on the browsing computer. Do not visit the site, even out of curiosity.


 

It is unclear how the mass compromise occurred, although with Twitterers’ willingness to enter their Twitter username and password into any number of third-party websites offering Twitter-related services, the opportunities for cybercrime are many.

 

UPDATE: The folks over at Twitter have been busy sorting this compromise out and have blogged about it here; they estimate that about 750 accounts were compromised.

 

Incidentally it looks like Facebook was hit with a similar attack about a month previously.



This entry was posted on Friday, 6. March 2009 and is filed under "Web 2.0".

17 Comments

  1. [...] A new attack was hijacking Twitter users Friday, with at least 700 accounts being compromised in two hours beginning at about 11 a.m. PST (7 p.m. GMT), security researcher Rik Ferguson wrote on the Trend Micro blog. [...]

  2. [...] researcher Rik Ferguson,  wrote on the Trend Micro blog. It appears that there is a rash of Twitter account hijacking going on this evening. Hundreds of [...]

  3. [...] 1: According to security firm Trend Micro, the webcam site serves up “an obfuscated JavaScript that loads up porn related advertisements [...]

  4. [...] 1: According to security firm Trend Micro, the webcam site serves up “an obfuscated JavaScript that loads up porn related advertisements [...]

  5. [...] Security consultant Rik Ferguson of TrendMicro says: So far over 700 Twitter accounts have been compromised in the two hours since 7pm GMT. (6th [...]

  6. [...] Here’s how to avoid Twitter getting VD [...]

  7. [...] March 8, 20091:38 am 750 Twitter accounts hijacked by webcam porn girl Trend Micro is reported and is confirmed by Twitter that about 750 Twitter accounts were being compromised [...]

  8. [...] we go – Twitter accounts hacked in new porn spam scheme. 750 accounts were [...]

  9. [...] latest five minute maelstrom on the blogosphere was the widespread hacking of Twitter accounts. According to experts, some 700 or so Twitter accounts were hacked such that they appeared to be the property of a 23 [...]

  10. [...] micro discovered the hacking on Friday evening and posted an article about it on its blog. Twitter also writes about this attack in its own [...]

  11. [...] More on the hack [...]

  12. [...] this new installment, the Trend Micro brand has detected an avalanche of Twitter account thefts, some 750 so far. The attack arrives in the form of a tweet to the [...]

  13. [...] this new installment, the Trend Micro brand has detected an avalanche of Twitter account thefts, some 750 so far. The attack arrives in the form of a tweet to the [...]

  14. [...] this new installment, the Trend Micro brand has detected an avalanche of Twitter account thefts, some 750 so far. The attack arrives in the form of a tweet to the [...]

  15. [...] wish to learn more details about this incident, visit: http://countermeas….trendmicro.eu/?p=47 Related posts: Microsoft announces free security software for 2009 Microsoft [...]

  16. [...] 1: According to security firm Trend Micro, the webcam site serves up “an obfuscated JavaScript that loads up porn related advertisements [...]

  17. [...] 1: According to security firm Trend Micro, the webcam site serves up “an obfuscated JavaScript that loads up porn related advertisements [...]


© Copyright 2010 Trend Micro Inc. All rights reserved.